Date: Sun, 29 Oct 2006 22:00:00 -0500 From: Mike Meyer <mwm-keyword-freebsdhackers2.e313df@mired.org> To: "Steven Hartland" <killing@multiplay.co.uk> Cc: Joerg Pernfuss <elessar@bsdforen.de>, freebsd-hackers@freebsd.org Subject: Re: [patch] rm can have undesired side-effects Message-ID: <17733.27312.946128.816900@bhuda.mired.org> In-Reply-To: <004301c6fbca$33046750$b3db87d4@multiplay.co.uk> References: <20061029222847.GA68272@marvin.astase.com> <20061030003628.42bc5f8d@loki.starkstrom.lan> <00f201c6fbb6$0c6bd150$b3db87d4@multiplay.co.uk> <17733.22173.12972.677850@bhuda.mired.org> <004301c6fbca$33046750$b3db87d4@multiplay.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
In <004301c6fbca$33046750$b3db87d4@multiplay.co.uk>, Steven Hartland <killing@multiplay.co.uk> typed: > Mike Meyer wrote: > >> That maybe the case but does rm -f <file> remove all copies? > >> Nope so its behaviour is safe even with multiple hardlinks. > > Of course it doesn't remove all copies - because there *aren't* > > multiple copies. There is only *one* copy, with multiple hardlinks. > > You told it to remove one hardlink, and it did that, without caring if > > that's the last link or not, and erroring out because you could lose > > data if it's the last link. > I think you missed my point. If you had a file with multiple > hardlink rm -f does NOT remove all copies it just decrements > the link count. As such you will never loose data IF it was > just a hardlink. Actually, rm -f either removes no copies or removes them all, because there's only one copy. It either gets removed (if this was the last link) or it doesn't. And you seem to have missed my point. Having a "destroy this data" option that doesn't do it based on the link count makes as much sense as having "rm" not remove a link based on the link count. > >> My personal preference would be for it to warn or perhaps > >> error if the link count is not zero. Possibly use -f to > >> override this but even that I'd say is dangerous. > > My personal preference is that the system do what I tell it to. If I > > wanted a system that second guessed me and didn't do things that I > > told it to because it thought it knew better than I did what I wanted, > > I wouldn't be using Unix. > So before every single rm -f you would prefer to have to check > if the link count of every file was > 1 if its defined behaviour > was to "destory" the file, I very much doubt that. No, because I wouldn't be using "rm -f" if it's behavior is "destroy the file" but I just wanted it unlinked. Trying to second guess the user is the wrong thing to do in a system designed for adults. Yeah, we can check the hard link count, and issue a warning. This will make scripts that try to be secure fail to do their job, and we'll add an option to ignore the check (or maybe it'll go in in the first place) so that we can still write secure scripts - though they won't be portable. Then someone will complain because their symlink got clobbered. <mike -- Mike Meyer <mwm@mired.org> http://www.mired.org/consulting.html Independent Network/Unix/Perforce consultant, email for more information.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?17733.27312.946128.816900>
